Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 560eb7b0 by security tracker role at 2025-07-18T08:14:10+00:00 automatic NOT-FOR-US entries update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== 
@@ -1,111 +1,111 @@ CVE-2025-7772 (The Malcure Malware Scanner \u2014 #1 Toolset for WordPress Malware Re ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2025-7767 (A vulnerability, which was classified as problematic, has been found i ...) - TODO: check + NOT-FOR-US: PHPGurukul CVE-2025-7765 (A vulnerability classified as critical was found in code-projects Onli ...) - TODO: check + NOT-FOR-US: code-projects CVE-2025-7764 (A vulnerability classified as critical has been found in code-projects ...) - TODO: check + NOT-FOR-US: code-projects CVE-2025-7763 (A vulnerability, which was classified as problematic, was found in thi ...) TODO: check CVE-2025-7762 (A vulnerability, which was classified as critical, has been found in D ...) - TODO: check + NOT-FOR-US: D-Link CVE-2025-7759 (A vulnerability, which was classified as critical, was found in thinkg ...) TODO: check CVE-2025-7758 (A vulnerability, which was classified as critical, has been found in T ...) TODO: check CVE-2025-7757 (A vulnerability classified as critical was found in PHPGurukul Land Re ...) - TODO: check + NOT-FOR-US: PHPGurukul CVE-2025-7756 (A vulnerability classified as problematic has been found in code-proje ...) - TODO: check + NOT-FOR-US: code-projects CVE-2025-7755 (A vulnerability was found in code-projects Online Ordering System 1.0. ...) - TODO: check + NOT-FOR-US: code-projects CVE-2025-7754 (A vulnerability was found in code-projects Patient Record Management S ...) - TODO: check + NOT-FOR-US: code-projects CVE-2025-7753 (A vulnerability was found in code-projects Online Appointment Booking ...) - TODO: check + NOT-FOR-US: code-projects CVE-2025-7752 (A vulnerability was found in code-projects Online Appointment Booking ...) - TODO: check + NOT-FOR-US: code-projects CVE-2025-7751 (A vulnerability has been found in code-projects Online Appointment Boo ...) 
- TODO: check + NOT-FOR-US: code-projects CVE-2025-7750 (A vulnerability, which was classified as critical, was found in code-p ...) - TODO: check + NOT-FOR-US: code-projects CVE-2025-7749 (A vulnerability, which was classified as critical, has been found in c ...) - TODO: check + NOT-FOR-US: code-projects CVE-2025-7748 (A vulnerability classified as problematic was found in ZCMS 3.6.0. Thi ...) TODO: check CVE-2025-7747 (A vulnerability classified as critical has been found in Tenda FH451 1 ...) - TODO: check + NOT-FOR-US: Tenda CVE-2025-7660 (The Map My Locations plugin for WordPress is vulnerable to Stored Cros ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2025-7648 (The Ruven Themes: Shortcodes plugin for WordPress is vulnerable to Sto ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2025-7643 (The Attachment Manager plugin for WordPress is vulnerable to arbitrary ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2025-7638 (The Forminator Forms \u2013 Contact Form, Payment Form & Custom Form B ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2025-7472 (A local privilege escalation vulnerability in the Intercept X for Wind ...) TODO: check CVE-2025-7438 (The MasterStudy LMS Pro plugin for WordPress is vulnerable to arbitrar ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2025-7433 (A local privilege escalation vulnerability in Sophos Intercept X for W ...) TODO: check CVE-2025-7431 (The Knowledge Base plugin for WordPress is vulnerable to Stored Cross- ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2025-7398 (Brocade ASCG before 3.3.0 allows for the use of medium strength crypto ...) - TODO: check + NOT-FOR-US: Brocade CVE-2025-7397 (A vulnerability in the ascgshell, of Brocade ASCG before 3.3.0 stores ...) - TODO: check + NOT-FOR-US: Brocade CVE-2025-7339 (on-headers is a node.js middleware for listening to when a response wr ...) TODO: check CVE-2025-7338 (Multer is a node.js middleware for handling `multipart/form-data`. 
A v ...) TODO: check CVE-2025-6813 (The aapanel WP Toolkit plugin for WordPress is vulnerable to Privilege ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2025-6781 (The Copymatic \u2013 AI Content Writer & Generator plugin for WordPres ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2025-6726 (The Block Editor Gallery Slider plugin for WordPress is vulnerable to ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2025-6719 (The Terms descriptions plugin for WordPress is vulnerable to Stored Cr ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2025-6718 (The B1.lt plugin for WordPress is vulnerable to SQL Injection due to a ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2025-6717 (The B1.lt plugin for WordPress is vulnerable to SQL Injection via the ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2025-6391 (Brocade ASCG before 3.3.0 logs JSON Web Tokens (JWT) in log files. An ...) - TODO: check + NOT-FOR-US: Brocade CVE-2025-6249 (An authentication bypass vulnerability was reported in FileZ client ap ...) - TODO: check + NOT-FOR-US: Lenovo CVE-2025-6248 (A cross-site scripting (XSS) vulnerability was reported in the Lenovo ...) - TODO: check + NOT-FOR-US: Lenovo CVE-2025-6232 (An improper validation vulnerability was reported in Lenovo Vantage th ...) - TODO: check + NOT-FOR-US: Lenovo CVE-2025-6231 (An improper validation vulnerability was reported in Lenovo Vantage th ...) - TODO: check + NOT-FOR-US: Lenovo CVE-2025-6230 (A SQL injection vulnerability was reported in Lenovo Vantage that coul ...) - TODO: check + NOT-FOR-US: Lenovo CVE-2025-6222 (The WooCommerce Refund And Exchange with RMA - Warranty Management, Re ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2025-6197 (An open redirect vulnerability has been identified in Grafana OSS orga ...) TODO: check CVE-2025-6185 (Leviton AcquiSuite and Energy Monitoring Hub are susceptible to a cro ...) 
TODO: check CVE-2025-6053 (The Zuppler Online Ordering plugin for WordPress is vulnerable to Cros ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2025-6023 (An open redirect vulnerability has been identified in Grafana OSS that ...) TODO: check CVE-2025-5816 (The Plugin Pengiriman WooCommerce Kurir Reguler, Instan, Kargo \u2013 ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2025-5811 (The Listly: Listicles For WordPress plugin for WordPress is vulnerable ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2025-5800 (The Testimonial Post type plugin for WordPress is vulnerable to Stored ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2025-5767 (The Crowdfunding for WooCommerce plugin for WordPress is vulnerable to ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2025-5754 (The Useful Tab Block \u2013 Responsive & AMP-Compatible plugin for Wor ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2025-5752 (The Vertical scroll image slideshow gallery plugin for WordPress is vu ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2025-5346 (Bluebird devices contain a pre-loaded barcode scanner application. Thi ...) TODO: check CVE-2025-5345 (Bluebird devices contain a pre-loaded file manager application. This a ...) 
@@ -121,17 +121,17 @@ CVE-2025-54066 (DiracX-Web is a web application that provides an interface to in CVE-2025-54064 (Rucio is a software framework that provides functionality to organize, ...) TODO: check CVE-2025-54062 (WeGIA is an open source web manager with a focus on the Portuguese lan ...) - TODO: check + NOT-FOR-US: WeGIA CVE-2025-54061 (WeGIA is an open source web manager with a focus on the Portuguese lan ...) - TODO: check + NOT-FOR-US: WeGIA CVE-2025-54060 (WeGIA is an open source web manager with a focus on the Portuguese lan ...) - TODO: check + NOT-FOR-US: WeGIA CVE-2025-54058 (WeGIA is an open source web manager with a focus on the Portuguese lan ...) - TODO: check + NOT-FOR-US: WeGIA CVE-2025-53964 (GoldenDict 1.5.0 and 1.5.1 has an exposed dangerous method that allows ...) TODO: check CVE-2025-53946 (WeGIA is an open source web manager with a focus on the Portuguese lan ...) - TODO: check + NOT-FOR-US: WeGIA CVE-2025-53941 (Hollo is a federated single-user microblogging software designed to be ...) TODO: check CVE-2025-53928 (MaxKB is an open-source AI assistant for enterprise. Prior to versions ...) @@ -159,7 +159,7 @@ CVE-2025-51497 (An issue was discovered in AdGuard plugin before 1.11.22 for Saf CVE-2025-50240 (nbcio-boot v1.0.3 was discovered to contain a SQL injection vulnerabil ...) TODO: check CVE-2025-4657 (A buffer overflow vulnerability was reported in the Lenovo Protection ...) - TODO: check + NOT-FOR-US: Lenovo CVE-2025-47189 (Netwrix Directory Manager through 2025-05-01 allows XSS.) TODO: check CVE-2025-46102 (Cross Site Scripting vulnerability in Beakon Software Beakon Learning ...) 
@@ -167,19 +167,19 @@ CVE-2025-46102 (Cross Site Scripting vulnerability in Beakon Software Beakon Lea CVE-2025-3753 (A code execution vulnerability has been identified in the Robot Operat ...) TODO: check CVE-2025-3740 (The School Management System for Wordpress plugin for WordPress is vul ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2025-38349 (In the Linux kernel, the following vulnerability has been resolved: e ...) TODO: check CVE-2025-2818 (A vulnerability was reported in version 1.0 of the Bluetooth Transmiss ...) - TODO: check + NOT-FOR-US: Lenovo CVE-2025-29572 REJECTED CVE-2025-26855 (A SQL injection in Articles Calendar extension 1.0.0 - 1.0.1.0007 for ...) - TODO: check + NOT-FOR-US: Joomla CVE-2025-26854 (A SQL injection in Articles Good Search extension 1.0.0 - 1.2.4.0011 f ...) - TODO: check + NOT-FOR-US: Joomla CVE-2025-25257 (An improper neutralization of special elements used in an SQL command ...) - TODO: check + NOT-FOR-US: Fortinet CVE-2025-23270 (NVIDIA Jetson Linux contains a vulnerability in UEFI Management mode, ...) TODO: check CVE-2025-23269 (NVIDIA Jetson Linux contains a vulnerability in the kernel where an at ...) 
@@ -189,13 +189,13 @@ CVE-2025-23266 (NVIDIA Container Toolkit for all platforms contains a vulnerabil CVE-2025-23263 (NVIDIA DOCA-Host and Mellanox OFED contain a vulnerability in the VGT+ ...) TODO: check CVE-2025-1729 (A DLL hijacking vulnerability was reported in TrackPoint Quick Menu so ...) - TODO: check + NOT-FOR-US: Lenovo CVE-2025-1700 (A DLL hijacking vulnerability was reported in the Motorola Software Fi ...) - TODO: check + NOT-FOR-US: Lenovo CVE-2025-0886 (An incorrect permissions vulnerability was reported in Elliptic Labs V ...) - TODO: check + NOT-FOR-US: Lenovo CVE-2024-42209 (HCL Connections is vulnerable to an information disclosure vulnerabili ...) - TODO: check + NOT-FOR-US: HCL CVE-2024-41921 (A code injection vulnerability has been discovered in the Robot Operat ...) TODO: check CVE-2024-41148 (A code injection vulnerability has been discovered in the Robot Operat ...) @@ -207,9 +207,9 @@ CVE-2024-39289 (A code execution vulnerability has been discovered in the Robot CVE-2024-32323 (SQL Injection vulnerability in cnhcit.com Haichang OA v.1.0.0 allows a ...) TODO: check CVE-2024-32124 (An improper access control vulnerability [CWE-284] in FortiIsolator ve ...) - TODO: check + NOT-FOR-US: Fortinet CVE-2024-27779 (An insufficient session expiration vulnerability [CWE-613] in FortiSan ...) - TODO: check + NOT-FOR-US: Fortinet CVE-2024-13972 (A vulnerability related to registry permissions in the Intercept X for ...) TODO: check CVE-2023-47356 (Mingyu Security Gateway before v3.0-5.3p was discovered to contain a r ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/560eb7b0ef72c6e842f088aa1fb1eb1af383e6d6 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/560eb7b0ef72c6e842f088aa1fb1eb1af383e6d6 You're receiving this email because of your account on salsa.debian.org.
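Review bot: in the first hunk (@@ -1,111 +1,111 @@), CVE-2025-6249 is tagged `NOT-FOR-US: Lenovo`, but the description visible here only names "FileZ client ap ...", so the vendor cannot be confirmed from the diff. Because this is an automatic update, the full description of that entry is worth checking by hand. The hunk also mixes tag granularity: `WordPress plugin` is a product class, while `code-projects`, `PHPGurukul`, `D-Link` and `Tenda` are vendors. One convention would make data/CVE/list easier to search.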
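Review bot: in the @@ -121,17 +121,17 @@ hunk, the five WeGIA entries (CVE-2025-54062, CVE-2025-54061, CVE-2025-54060, CVE-2025-54058, CVE-2025-53946) are closed as `NOT-FOR-US: WeGIA` although the description calls it "an open source web manager". Nothing in the diff or in the commit message ("automatic NOT-FOR-US entries update") shows what the automatic rule matched on. A line in the commit message naming the source of the match list would make bulk closures like this auditable.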
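Review bot: in the @@ -189,13 +189,13 @@ hunk, CVE-2025-1700 and CVE-2025-0886 receive `NOT-FOR-US: Lenovo` although their descriptions name "Motorola Software Fi ..." and "Elliptic Labs V ..." respectively. If the tag is derived from who reported the CVE rather than from the affected product, consider naming the product in the tag, so that a later search of data/CVE/list for Motorola or Elliptic Labs finds these entries.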